FC SAN components and Zoning

Components of FC-SAN

While SAN configurations can become very complex, a SAN can be simplified to three basic entities;

 The host system or systems, the network and the storage device

1. Host System(s)

• Application Software (SAN Management Software, CLI Interface and others)

• Middleware (e.g., Volume Manager or Host RAID)

• Operating System/File System

• Host Bus Adapter (HBA) Driver

• Host Bus Adapter (HBA)

• Host Bus Adapter Firmware

2. Storage Network/Communications Infrastructure

• Physical Links (FC, ISCSI, Ethernet)

• Transceivers (GBIC & SFP or any other Transreceiver)

• Switches and Switch Firmware (Switches & Directors)

• Routers and Router Firmware

• Bridges or Extenders and their Firmware

3. Storage Device(s)

• Interface Adapter

• Interface Adapter Driver/Firmware

• Storage Controller Firmware

• Storage Device (e.g., disk, JBOD, Storage Arrays, Tape or Tape Library)

• Storage Media

Switch or Fabric Zoning:

SAN implementations make data highly accessible; as a result, there is a need for data-transfer optimization and finely tuned network security. Fabric zoning sets up the way devices in the SAN interact, establishing a certain level of management and

security.

What is zoning?

Zoning is a fabric-centric enforced way of creating barriers on the SAN fabric to prevent set groups of devices from interacting with other devices. SAN architectures provide port-to-port connections between servers and storage subsystems through bridges, switches, and hubs. Zoning sets up efficient methods of managing, partitioning, and controlling pathways to and from storage subsystems on the SAN fabric, which improves storage subsystem utilization, data access, and security on the SAN. In addition, zoning enables heterogeneous devices to be grouped by operating system, and further demarcation based on application, function, or department.

Types of zoning

There are two types of zoning: soft zoning and hard zoning.

• Soft zoning uses software to enforce zoning. The zoning process uses the name server database located in the FC switch. The name server database stores port numbers and World Wide Names (WWNs) used to identify devices during the zoning process.

When a zone change takes place, the devices in the database receive Registered State Change Notification (RSCN). Each device must

correctly address the RSCN to change related communication paths. Any device that does not correctly address the RSCN, yet continues to transfer data to a specific device after a zoning change, that device will be blocked from communicating with its targeted device.

• Hard zoning uses only WWNs to specify each device for a specific zone. Hard zoning requires each device to pass through the switch’s route table so that the switch can regulate data transfers by verified zone.

For example, if two ports are not authorized to communicate with each other, the route table for those ports is disabled, and the communication between those ports is blocked.

Zoning components

Zone configurations are based on either the physical port that devices plug into, or the WWN of the device. There are three zoning components:

• Zones

• Zone members

• Zone sets

What is a zone?

A zone is composed of servers and storage subsystems on a SAN that access each other through managed port-to-port connections. Devices in the same zone recognize and communicate with each other, but not necessarily with devices in other zones unless a device, in that zone, is configured for multiple zones

Zone types

•          Port zoning (all zone members are ports)

•          WWN zoning (all zone members are WWNs)

•          Session-based zoning (zone members are a mixture of WWNs and ports)

Zone database

•          Zone database consists of zone objects. 

•          A zone object can be an alias, a zone, or a configuration

•          Configurations contain zones which contain aliases

•          For any object, the commands available allow you to create, delete, add, remove, or show

–         cfgcreate/delete/add/remove/show

–         zonecreate/delete/add/remove/show

–         alicreate/delete/add/remove/show

•          Every switch in the fabric has the same copy of the entire database.

•          To clear the zone database from a switch, use cfgclear

Alias

•          An alias is a name for a device in the fabric

•          The alias contains the name of the devices, and either the WWN of the device, or the domain and port the device is attached to

•          WWN alias: alicreate “alias1”,”10:00:00:00:01:01:02:02”

•          Port alias: alicreate “alias2”,”100,15”

What is a zone member?

Zone members are the devices within the same assigned zone. See Figure 2. Zone member devices are restricted to intra-zone communications, meaning that these devices can only interact with members within their assigned zone. A zone member

cannot interact with devices outside its assigned zone unless it is configured in other zones

How is a zone member identified?

Each zone member is identified by a WWN or port number. each device has a unique WWN. A WWN is a 64-bit number that uniquely identifies each zone member.

What is a zone set?

A zone set is a group of zones that function together on the SAN. Each zone set can accommodate up to 256 zones. All devices in a zone see only devices assigned to their zone, but any device in that zone can be a member of other zones. In Figure 3,

all 4 zones see Member A.

Configurations

•          A configuration is a set of zones.

•          You can have multiple defined configurations, but only one active configuration in a fabric at any time.

•          cfgcreate “cfg1”,”zone1”

•          To enable a configuration, use ‘cfgenable “config1”.  This is now called the effective configuration

To disable the effective configuration, use cfgdisable command.  Note when you disable zoning that all devices can now see each other

Zone Commit

•          A zone commit is the process of updating all switches in the fabric when making a zone change

•          Zone commit is executed for cfgdisable, cfgenable, or cfgsave commands

•          Zone commit uses RCS protocol.  The switch making the commit communicates with each switch individually to ensure commit took place

•          When zone commit takes place, entire zoning database is sent to all switches even if only a little change has taken place.

RCS [Reliable Commit Service]

•          RCS is used for zoning, security, and some other things.

•          For zoning, RCS ensures a zone commits happens for every switch in the fabric, or none at all

•          4 phases to RCS:  ACA, SFC, UFC, RCA

Zoning limitation

Currently, fabric zoning cannot mask individual tape or disk storage LUNs that sit behind a storage-subsystem port. LUN masking and persistent binding are used to isolate devices behind storage-subsystem ports.